netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* Demonstration code on how to trigger tcp6_sock leak
@ 2004-01-24 13:13 Erik Hensema
  2004-01-25  5:25 ` YOSHIFUJI Hideaki / 吉藤英明
  2004-01-26 20:30 ` FIX (was Re: Demonstration code on how to trigger tcp6_sock leak) David S. Miller
  0 siblings, 2 replies; 5+ messages in thread
From: Erik Hensema @ 2004-01-24 13:13 UTC (permalink / raw)
  To: netdev

[-- Attachment #1: Type: text/plain, Size: 370 bytes --]

Hi,

I wrote some quick&dirty code showing the tcp6_sock leak in Linux 2.6.x.
The server part listens for incoming connections and accept()'s them. The
client will simply connect() to the server and close the connection.

Do a 'grep tcp6_sock /proc/slabinfo' before and after running the programs,
and you will clearly see the leak.

-- 
Erik Hensema (erik@hensema.net)

[-- Attachment #2: server.c --]
[-- Type: text/plain, Size: 752 bytes --]

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <strings.h>
#include <stdio.h>

#define port 4000

int
main(
		int argc,
		char **argv
    )
{
	int fd;
	struct sockaddr_in6 myaddr;
	struct sockaddr addr;
	socklen_t len;
	int i;

	if((fd = socket(PF_INET6, SOCK_STREAM, 0)) < 0) {
		perror("socket");
	}

	bzero(&myaddr, sizeof(myaddr));
	myaddr.sin6_family = AF_INET6;
	myaddr.sin6_port = htons(port);
	myaddr.sin6_addr = in6addr_any;

	if(bind(fd, (struct sockaddr *)&myaddr, sizeof(myaddr)) < 0) {
		perror("bind");
	}

	if(listen(fd, 32) < 0) {
		perror("listen");
	}

	for(i = 0; i < 1000; i++) {
		if(accept(fd, &addr, &len) < 0) {
			perror("accept");
		} else {
			printf("Accept: %d\n", i);
		}
	}

	return 0;
}

[-- Attachment #3: client.c --]
[-- Type: text/plain, Size: 692 bytes --]

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>

#define port 4000

int
main(
		int argc,
		char **argv
    )
{
	int fd;
	struct sockaddr_in6 srvaddr;
	int i;


	bzero(&srvaddr, sizeof(srvaddr));

	srvaddr.sin6_family = AF_INET6;
	srvaddr.sin6_port = htons(port);
	srvaddr.sin6_addr = in6addr_loopback;

	for(i = 0; 1; i++) {
		if((fd = socket(PF_INET6, SOCK_STREAM, 0)) < 0) {
			perror("socket");
			exit(0);
		}

		if(connect(fd, (const struct sockaddr *)&srvaddr, sizeof(srvaddr)) < 0) {
			perror("connect");
		} else {
			printf("Connect %d\n", i);
			close(fd);
		}
	}

	return 0;
}

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: Demonstration code on how to trigger tcp6_sock leak
  2004-01-24 13:13 Demonstration code on how to trigger tcp6_sock leak Erik Hensema
@ 2004-01-25  5:25 ` YOSHIFUJI Hideaki / 吉藤英明
  2004-01-26 20:30 ` FIX (was Re: Demonstration code on how to trigger tcp6_sock leak) David S. Miller
  1 sibling, 0 replies; 5+ messages in thread
From: YOSHIFUJI Hideaki / 吉藤英明 @ 2004-01-25  5:25 UTC (permalink / raw)
  To: erik; +Cc: netdev, yoshfuji, usagi-core

In article <20040124131307.GB2666@bender.home.hensema.net> (at Sat, 24 Jan 2004 14:13:07 +0100), Erik Hensema <erik@hensema.net> says:

> I wrote some quick&dirty code showing the tcp6_sock leak in Linux 2.6.x.
> The server part listens for incoming connections and accept()'s them. The
> client will simply connect() to the server and close the connection.

Okay, I confirm that there're something wrong with tcp6 socket.
I'll look into it as soon as possible.

--yoshfuji

^ permalink raw reply	[flat|nested] 5+ messages in thread
* FIX (was Re: Demonstration code on how to trigger tcp6_sock leak)
  2004-01-24 13:13 Demonstration code on how to trigger tcp6_sock leak Erik Hensema
  2004-01-25  5:25 ` YOSHIFUJI Hideaki / 吉藤英明
@ 2004-01-26 20:30 ` David S. Miller
  2004-01-26 22:01   ` FIX YOSHIFUJI Hideaki / 吉藤英明
  1 sibling, 1 reply; 5+ messages in thread
From: David S. Miller @ 2004-01-26 20:30 UTC (permalink / raw)
  To: erik; +Cc: netdev, acme, yoshfuji


Ok, I've figured out the bug.  Arnaldo only fixed one of the
two incorrect calls to sk_add_node() which should both be
__sk_add_node().

Erik give this a spin.

# This is a BitKeeper generated patch for the following project:
# Project Name: Linux kernel tree
# This patch format is intended for GNU patch command version 2.5 or higher.
# This patch includes the following deltas:
#	           ChangeSet	1.1520  -> 1.1521 
#	 net/ipv6/tcp_ipv6.c	1.76    -> 1.77   
#
# The following is the BitKeeper ChangeSet Log
# --------------------------------------------
# 04/01/26	davem@nuts.ninka.net	1.1521
# [IPV6]: Fix TCP socket leak, do not grab socket reference when adding to main hashes.
# --------------------------------------------
#
diff -Nru a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
--- a/net/ipv6/tcp_ipv6.c	Mon Jan 26 12:34:20 2004
+++ b/net/ipv6/tcp_ipv6.c	Mon Jan 26 12:34:20 2004
@@ -485,7 +485,7 @@
 
 unique:
 	BUG_TRAP(sk_unhashed(sk));
-	sk_add_node(sk, &head->chain);
+	__sk_add_node(sk, &head->chain);
 	sk->sk_hashent = hash;
 	sock_prot_inc_use(sk->sk_prot);
 	write_unlock_bh(&head->lock);

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: FIX
  2004-01-26 20:30 ` FIX (was Re: Demonstration code on how to trigger tcp6_sock leak) David S. Miller
@ 2004-01-26 22:01   ` YOSHIFUJI Hideaki / 吉藤英明
  2004-01-27  2:57     ` FIX Arnaldo Carvalho de Melo
  0 siblings, 1 reply; 5+ messages in thread
From: YOSHIFUJI Hideaki / 吉藤英明 @ 2004-01-26 22:01 UTC (permalink / raw)
  To: davem, acme; +Cc: erik, netdev, yoshfuji

In article <20040126.123042.104046496.davem@redhat.com> (at Mon, 26 Jan 2004 12:30:42 -0800 (PST)), "David S. Miller" <davem@redhat.com> says:

> 
> Ok, I've figured out the bug.  Arnaldo only fixed one of the
> two incorrect calls to sk_add_node() which should both be
> __sk_add_node().

Thanks you!

-- 
Hideaki YOSHIFUJI @ USAGI Project <yoshfuji@linux-ipv6.org>
GPG FP: 9022 65EB 1ECF 3AD1 0BDF  80D8 4807 F894 E062 0EEA

^ permalink raw reply	[flat|nested] 5+ messages in thread
* Re: FIX
  2004-01-26 22:01   ` FIX YOSHIFUJI Hideaki / 吉藤英明
@ 2004-01-27  2:57     ` Arnaldo Carvalho de Melo
  0 siblings, 0 replies; 5+ messages in thread
From: Arnaldo Carvalho de Melo @ 2004-01-27  2:57 UTC (permalink / raw)
  To: YOSHIFUJI Hideaki / ?$B5HF#1QL@; +Cc: davem, erik, netdev

Em Tue, Jan 27, 2004 at 07:01:42AM +0900, YOSHIFUJI Hideaki / ?$B5HF#1QL@ escreveu:
> In article <20040126.123042.104046496.davem@redhat.com> (at Mon, 26 Jan 2004 12:30:42 -0800 (PST)), "David S. Miller" <davem@redhat.com> says:
> 
> > 
> > Ok, I've figured out the bug.  Arnaldo only fixed one of the
> > two incorrect calls to sk_add_node() which should both be
> > __sk_add_node().
> 
> Thanks you!

Great! Thanks!

- Arnaldo

^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2004-01-27  2:57 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-01-24 13:13 Demonstration code on how to trigger tcp6_sock leak Erik Hensema
2004-01-25  5:25 ` YOSHIFUJI Hideaki / 吉藤英明
2004-01-26 20:30 ` FIX (was Re: Demonstration code on how to trigger tcp6_sock leak) David S. Miller
2004-01-26 22:01   ` FIX YOSHIFUJI Hideaki / 吉藤英明
2004-01-27  2:57     ` FIX Arnaldo Carvalho de Melo

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).